The Research Of Multiple Objective Programming-Based Access Control Model In Cloud Computing Environment

Cloud computing has become a reality through the advance in the Internet and virtualization technologies. It integrates a large number of resources into a huge resource pool. Users can access these resources on demand. Cloud computing has many advantages such as reduced costs, rapid deployment, and dynamic expansion. So it has been widely used by enterprises, institutions and so on. The users access these resources remotely through the Internet, therefore security and utility are the two major concerns in cloud computing.The existing access control models and the research state of access control model of cloud computing have been analyzed, but they can’t fully adapt to the environment where cloud service resources are dynamicly changed and the access requirements are complex and changeable. In the paper we focus on dynamic access control model, and the main works are as follows:(1) As there are multiple cloud service providers in a cloud computing environment, for every user’s access request, a variety of authorization policy will be produced. We propose a safety multi-objective model in which security and utility can be used as the main criteria for selecting an authorization policy. In the model, the concept of "risk" in the economics is introduced to measure the security. And the completion rate, time and cost of task are used to measure the utility. By quantifying the risk and utility of the permissions in cloud computing environment, the corresponding risk and utility models can be established. After solving the multi-objective model by using the linear weighting method, the values of decision variables can be obtained which could make the objective function get the suboptimal solution. The analysis of example shows that it is helpful to establish a safety multi-objective model based on user’s access request to select the authorization policy. In the authorization policy security and utility are relative optimal.(2) Based on RBAC model, a fine-grained access control model integrating the presented safety multi-objective model is proposed. Aimed at users’preferences on the security and utility in the cloud computing environment, the model adopts the authorization selection policy corresponding to subject’s access requests to meet the requirements of users. At the same time, the user’s security factor affect the calculation of risk of granting permission, and it can determine whether the user can obtain access rights to the resources of cloud service providers. For the case of legitimate users accessing resources illegally in cloud computing environment, we propose an update mechanism of user’s security factors based on historical access records. Dynamically update the security factors can control the user’s illegal operation effectively.